From 07632a82916b10cda291e0c7aba2582159b0559b Mon Sep 17 00:00:00 2001 From: Pierre-Hugues Husson Date: Sat, 30 Nov 2019 20:38:41 +0100 Subject: [PATCH] Fix fingerprint on Honor View 10 --- board-base.mk | 2 +- rw-system.sh | 14 +++++++++++++- sepolicy/file_contexts | 2 ++ sepolicy/huawei.te | 9 +++++++++ 4 files changed, 25 insertions(+), 2 deletions(-) diff --git a/board-base.mk b/board-base.mk index 7f32ac1..bbb817a 100644 --- a/board-base.mk +++ b/board-base.mk @@ -3,4 +3,4 @@ BOARD_BLUETOOTH_BDROID_BUILDCFG_INCLUDE_DIR := device/phh/treble/bluetooth TARGET_EXFAT_DRIVER := exfat DEVICE_FRAMEWORK_MANIFEST_FILE := device/phh/treble/framework_manifest.xml -BOARD_ROOT_EXTRA_FOLDERS += bt_firmware +BOARD_ROOT_EXTRA_FOLDERS += bt_firmware sec_storage diff --git a/rw-system.sh b/rw-system.sh index d976ab8..4ab567b 100644 --- a/rw-system.sh +++ b/rw-system.sh @@ -448,5 +448,17 @@ for abi in "" 64;do fi done - setprop ro.product.first_api_level "$vndk" + +if getprop ro.boot.boot_devices |grep -v , |grep -qE .;then + ln -s /dev/block/platform/$(getprop ro.boot.boot_devices) /dev/block/bootdevice +fi + +if [ -c /dev/dsm ];then + chown system:system /dev/dsm + chmod 0660 /dev/dsm + mkdir -p /data/sec_storage_data + chown system:system /data/sec_storage_data + chcon u:object_r:teecd_data_file_system:s0 /data/sec_storage_data + mount /data/sec_storage_data /sec_storage +fi diff --git a/sepolicy/file_contexts b/sepolicy/file_contexts index 1160738..44049e9 100644 --- a/sepolicy/file_contexts +++ b/sepolicy/file_contexts @@ -10,3 +10,5 @@ /bt_firmware(/.*)? u:object_r:bt_firmware_file:s0 +/sec_storage(/.*)? u:object_r:teecd_data_file:s0 +/dev/dsm u:object_r:dmd_device:s0 diff --git a/sepolicy/huawei.te b/sepolicy/huawei.te index d98cded..f28947e 100644 --- a/sepolicy/huawei.te +++ b/sepolicy/huawei.te @@ -1,2 +1,11 @@ allow ueventd proc:file r_file_perms; permissive ueventd; + +type teecd_data_file, file_type; +type dmd_device, file_type; +allow hal_fingerprint_server dmd_device:chr_file rw_file_perms; +allow hal_fingerprint_server sysfs:file rw_file_perms; + +type oeminfo_nvm, domain; +type oeminfo_nvm_device, file_type; +allowxperm oeminfo_nvm oeminfo_nvm_device:blk_file ioctl { 0x1260 };